From: Glenn Larsson (ichinin@swipnet.se)
Date: Tue Aug 20 2002 - 18:27:23 EDT
bserra@forsythesolutions.com wrote:
>
> All,
> Does anyone have any information or has done a wireless pen-test on a
> Symbol Technologies manufacturing barcode scanning system? I have heard
> that it is possibly 802.11 but uses some proprietary encryption and/or
> protocol. Any insight would be helpful.

Hi.

All I know is that Symbol have developed their own Kerberos implementation for their handhelds + Wireless Networker & Companion, it does not say any specifics about the implementation, i.e. using Kerberos for _key exchange_ but still using RC4 for encryption. Try some basic Kerberos attacks against it and see for yourself (Would not be surprised if you found something useful)

- My _guess_ is that the whole system is backwards compatible with WEP and security can be logon-downgraded via an old client that wants to speak to the network.
- Symbol AP(*)/Bridge Default pwd's: "Symbol" & "SYMBOL". (24xx/302x/41xx)
- If you find an old PDT, the WEP key is found under HKLM\Software\Symbol (I think.) This can be transferred to another device then reused on that (Did it back in 2000 - worked fine)
- PocketPC 3.0 was also susceptible to a no-brainer ICMP-DoS attack; never did write an advisory regarding this (not tried PPC 2k+2)
- Note that old clients run DOS binaries (PPT 31xx/61xx), usual software found == MCL & wavelink, you can have fun with these as well.

If you want to know more, I suggest you ask OSP people to send you details regarding security, also, I think there is a whitepaper regarding their Kerberos, I've never read it.

Regards,
Glenn